<!DOCTYPE html>
<html>
    <?php
    /*
     * This contains functions to edit any returns
     */
    require_once "../../DB/db.php";
    include_once '../../class/UserClass.php';
    if ($user->isLoggedOn() && $user->isMedarbeider()) {

        if (isset($_POST['refund'])) {
            /*
             *  Her skal koden for å refundere penger til kunden ligge
             * men siden vi ikke bruker noen form for betaling så
             * vil returen bare bli satt til behandlet
             */
            $i = 1;
            foreach ($_POST as $item) { // loops trough POST to find number of items to edit
                if ($i == sizeof($_POST)) { // exit the loop if end of POST
                    break;
                }
                $sql = 'UPDATE returns SET edited=:edited WHERE rid=:rid'; // update edited to 1
                $edited = 1; //edited value
                $sth = $db->prepare($sql);
                $sth->bindParam(':edited', $edited);
                $sth->bindParam(':rid', $item);
                $result = $sth->execute();
                $i++; //number of check ++
            }
        } else if (isset($_POST['reject'])) { // same as above
            $i = 1;
            foreach ($_POST as $item) {
                if ($i == sizeof($_POST)) {
                    break;
                }
                $sql = 'UPDATE returns SET edited=:edited WHERE rid=:rid';
                $edited = 1;
                $sth = $db->prepare($sql);
                $sth->bindParam(':edited', $edited);
                $sth->bindParam(':rid', $item);
                $result = $sth->execute();
                $i++;
            }
        } else if (isset($_POST['newitem'])) { // this will send a new item
            $i = 1;
            $userId = $_POST['userID']; // sets the user id
            $sql = 'INSERT INTO orders (uid, totalprice, orderdate, retur) values (?, ?, ?, ?)';
            $sth = $db->prepare($sql);
            //$db->beginTransaction(); this was ment to lock the next transactions
            $result = $sth->execute(array($userId, 0, date("Y-m-d H:m:s"), 1)); //creates new order
            $orderID = $db->lastInsertId(); // get last inserted order id
            foreach ($_POST as $item) {
                if ($i == sizeof($_POST) - 1) { // loops trough post to check what and how many item to send
                    break;
                }
                $res = $db->query('SELECT * from returns WHERE rid=' . $item); //get item values
                if ($row = $res->fetch()) {

                    $sql1 = 'INSERT INTO orderitems(oid, vid, originalprice, numberof) values (?, ?, ?, ?)';
                    $sth1 = $db->prepare($sql1); // insert new orderitems
                    $result1 = $sth1->execute(array($orderID, $row['vid'], $row['price'], $row['numberof']));

                    $sql2 = 'UPDATE returns SET edited=:edited WHERE rid=:rid'; // sets the return to edited
                    $edited = 1; 
                    $sth1 = $db->prepare($sql2);
                    $sth1->bindParam(':edited', $edited);
                    $sth1->bindParam(':rid', $item);
                    $result = $sth1->execute();
                }
                $i++;
            }
            //$db->commit(); // commit transactions
        }
        ?>
        <head>
            <title>Nettbutikk</title>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
            <link rel="stylesheet" type="text/css" href="../../CSS/mainFrame.css" />
            <link rel="stylesheet" type="text/css" href="../../CSS/content.css" />
        </head>
        <body>
            <div class="wrapper">
                <?php
                include_once "../../MainFrame/header.php";
                include_once "../../MainFrame/menuBar.php";
                include_once "../../MainFrame/sideBar.php";
                ?>

                <div class="content">
                    <div class="empEditReturn">
                        <?php
                        $userId = 0;            // selects all returns from that spesific order that is not edited
                        $res = $db->query('SELECT * from returns WHERE oid=' . $_REQUEST['orderID'] . ' AND edited=0');
                        echo '<form name="editReturn" method="post" action="empEditReturn.php?orderID=' . $_REQUEST['orderID'] . '" >';
                        echo '<h1>Ordre ID: ' . $_REQUEST['orderID'] . '</h1>'; // creates a form and table to list the returns
                        echo '<table>';                        
                        echo "<tr><th>Valg</th><th>Retur ID</th><th>Vare ID</th><th>Bruker ID</th><th>Antall</th><th>Sendingsdato</th></tr>";
                        while ($row = $res->fetch()) {
                            $userId = $row['uid'];  //displays the return values plus a checkbox
                            echo '<tr>';
                            echo '<td><input type="checkbox" name="' . $row['rid'] . '"value="' . $row['rid'] . '" ></td>';
                            echo '<td>' . $row['rid'] . '</td>';
                            echo '<td>' . $row['vid'] . '</td>';
                            echo '<td>' . $userId . '</td>';
                            echo '<td>' . $row['numberof'] . '</td>';
                            echo '<td>' . $row['sendingdate'] . '</td>';
                            echo '</tr>';
                        }
                        echo '</table>';
                        echo '<input type="hidden" name="userID" value="' . $userId . '" >'; // sends the userID
                        echo '<input type="submit" name="refund" value="Refunder" >';// to pay back the user
                        echo '<input type="submit" name="newitem" value="Ny vare" >';// to send new item
                        echo '<input type="submit" name="reject" value="Avvis" >';// to reject the return
                        echo '</form>';
                        ?>
                    </div>
                </div>

                <?php
            }
            include_once "../../MainFrame/footer.php";
            ?>
        </div>
    </body>
</html>